Snitch

Description

Network monitor for WordPress with connection overview for controlling and regulating data traffic from your site.

Trust, But Verify

Snitch monitors and logs the outgoing data stream of your WordPress site. It records every outbound connection from WordPress and provides a log table for administrators.

Snitch does not only log connection requests, but enables you to block future requests either by target URL (internet address being called in the background), or by script (file being executed to open up a connection). Once blocked, a connection will be visually highlighted. Blocked entries can be unblocked with a simple click.

Snitch is a perfect tool to “listen in” on outbound communication. It is also suitable to early recognize any malware and tracking software installed. You can youse Snitch to make sure you comply with GDPR.

Summary

Snitch writes a log of both authorized and blocked attempts of connectivity. An overall view provides transparency and lets you control outgoing connections initialized by plugins, themes, or WordPress.

In A Nutshell

  • neat interface
  • displays target URL and source file
  • features grouping, sorting, searching
  • visual highlighting of blocked requests
  • show POST variables with a simple click
  • block/unblock connections by domain/file
  • monitors communication in back-end and front-end
  • delete all entries by pressing a button
  • free of charge, no advertising

Support

Contribute

  • Active development of this plugin is handled on GitHub.
  • Pull requests for documented bugs are highly appreciated.
  • If you think you’ve found a bug (e.g. you’re experiencing unexpected behavior), please post at the support forums first.
  • If you want to help us translate this plugin you can do so on WordPress Translate.

Credits

Screenshots

  • Snitch connection list with target URL and actions

  • Snitch connection list with further information

Installation

  • If you don’t know how to install a plugin for WordPress, here’s how.

FAQ

Installation Instructions
  • If you don’t know how to install a plugin for WordPress, here’s how.
Snitch creates a lot of database entries

Snitch is designed to log any outgoing connection in WordPress. If the database fills fast, you should look up the cause. Why does your WordPress and plugins communicate so often to the outside that the database table fills? Is this communication really necessary?

As a reminder: Snitch is designed to help you improve your WordPress performance by detecting and displaying connections as bottleneck. The task for the blog administrator is to eliminate the source of the cause (plugin, theme, etc.).

Snitch automatically ensures that there are not more than 200 entries are kept in the database. If it is nevertheless necessary to remove Snitch entries from the database manually, two smart database commands could help:

sql
DELETE FROM wp_postmeta` WHERE `post_id` IN ( SELECT `ID` FROM `wp_posts` WHERE `post_type` = 'snitch' )

DELETE FROM wp_posts WHERE post_type = ‘snitch’
`

Are connections monitored in the front end?

Snitch catches any connection that leaves the blog via WordPress HTTP API (internal WordPress interface for data communication). This affects both the back-end and the front-end of a WordPress installation.

Why does Snitch list WordPress cronjobs?

WordPress calls internal Cronjobs via WordPress HTTP API – exactly this interface is monitored by Snitch and also records Cronjob accesses accordingly.

If cronjobs are listed too often, something possibly isn’t correct. Therefore, it is recommend to check the list of scheduled cronjob jobs.

The following code snippet in the WordPress configuration file wp-config.php switches off the logging of the internal WordPress queries:

php
define('SNITCH_IGNORE_INTERNAL_REQUESTS', true);
Why are Snitch entries indexed by Google?

Snitch stores its entries as WordPress Custom Post Types. Important step: By a WordPress attribute Snitch marks all log entries as private, therefore not public. So far, the ideology with private and inaccessible entries would work if there were not WordPress plugins that would carry all – including private – Custom Post Types into the world and communicate with search engines. With fatal consequences for the blogger.

And so it quickly happens that Google suddenly hits Snitch entries (as blog pages) which are not intended for public access. For example, because Snitch entries appear in the sitemap XML of the blog, as a sitemap XML plugin is of the opinion that it is also necessary to add private entries and to have them released for indexing. There is also no help to block via robots.txt because the robots.txt file does not prevent the indexing of the pages.

Automatic Shares go crazily

The fact that every new Snitch entry automatically sends a message to Facebook and/or Twitter, is clearly not due to Snitch. Rather, the cause is to be found in the inserted Auto-Tweet-Facebook-Plugin, which faulty triggers an automatic event at every – also non-public – WordPress Custom Post Type. And that’s wrong. The usage of such Plugins should be reconsidered.

A complete documentation is available in the GitHub repository Wiki.

Reviews

Abandoned plugin

It is a discontinued plugin which produces 1000 or more empty posts (therefore invisible from the frontpage) within two hours depending on the traffic of the site. This can only be stopped by switching off and removing the plugin.

Great. Solved my problem.

Good to check who is trying to access external websites.
My client´s website was hacked and with this tool I could find who is accessing external files to send non-authorized information.

Excellent Troubleshooting Tool

Snitch helped me to pinpoint which plugins take too much time on the networking side. When that happens, the plugin listing takes longer to display.

Highly recommended!

Read all 17 reviews

Contributors & Developers

“Snitch” is open source software. The following people have contributed to this plugin.

Contributors

“Snitch” has been translated into 1 locale. Thank you to the translators for their contributions.

Translate “Snitch” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.1.7

  • Updated README
  • Improved user interface
  • Support for WordPress 4.9

1.1.6

1.1.5 / 06.05.2015

1.1.4

  • Support for WordPress 4.2
  • Nice to have: admin_url() for edit.php requests

1.1.3

  • Support for WordPress 4.1

1.1.2

  • Feature: english translation for the readme file
  • Feature: russian translation for plugin files

1.1.1

  • Feature: status code “-1” for failing connections

1.1.0

For the complete changelog, check out our GitHub repository.